Page 1 of 1

What Is OAuth Client?

PostPosted: Wed May 29, 2019 7:22 am
by admin
OAuth is a convention that apps use to provide client software applications with a secure access. OAuth works through HTTP and authorizes Servers, Applications Devices and APIs, with an access token instead of credentials.

An OAuth client asks for a token, gets a token which is then used to access an API. It doesn't know anything about who authorized the application or if there was even a user there at all. In fact, the point of OAuth is to give a 'secured delegated access' for use in situations where the user is not present on the connection between the client and the resource being accessed. This is great for client authorization, but it's really bad for authentication, where the point is figuring out who the user is whether as to a user is there (or not).